Title |
---|
Malware Detection System Based on an In-Depth Analysis of the Portable Executable Headers. |
Abstract |
---|
Malware still poses a major threat to cyberspace security. Therefore, effective and fast detection of this threat has become an important issue in the security field. In this paper, we propose a fast and highly accurate detection system for Portable Executable (PE) malware. The proposed system relies on analyzing the fields of the PE headers in a basic way and in a more in-depth way in order to generate a set of standard attributes (SAT) and a set of meaningful attributes (MAT), respectively. The decision phase is conducted by leveraging several machine learning classifiers, which are trained using the best K attributes according to two different feature selection methods. The experimental results are very promising, as our system outperforms two state-of-the-art solutions with respect to detection accuracy. It achieves an accuracy of 99.1% and 100% using 10-fold cross-validation and train-test split validation, respectively. In both validation approaches, we use less than 1% of the initial set of 1329 extracted attributes. Also, our system is able to analyze a file in 0.257 s. |
Year | DOI | Venue |
---|---|---|
2018 | 10.1007/978-3-030-19945-6_11 | Lecture Notes in Computer Science |
Keywords | Field | DocType |
---|---|---|
Malware detection, Machine learning, Portable Executable | Feature selection, Computer science, Artificial intelligence, Malware, Cross-validation, Machine learning, Portable Executable, Cyberspace | Conference |

Volume | ISSN | Citations |
---|---|---|
11407 | 0302-9743 | 0 |

PageRank | References | Authors |
---|---|---|
0.34 | 0 | 5 |
Name | Order | Citations | PageRank |
---|---|---|---|
Mohamed Belaoued | 1 | 0 | 0.34 |
Bouchra Guelib | 2 | 0 | 0.34 |
Yasmine Bounaas | 3 | 0 | 0.34 |
Abdelouahid Derhab | 4 | 277 | 32.68 |
Mahmoud Boufaida | 5 | 37 | 7.63 |